1 version 1.0pre4 Jan 17 2000
3 * Updated documentation; the documentation now reflects the
4 configuration as it is.
6 * Some internal changes to make tinc scale better for large
7 networks, such as using AVL trees instead of linked lists for the
10 * RSA keys can be stored in separate files if needed. See the
11 documentation for more information.
13 * tinc has now been reported to run on Linux PowerPC and FreeBSD x86.
17 version 1.0pre3 Oct 31 2000
19 * The protocol has been redesigned, and although some details are
20 still under discussion, this is secure. Care has been taken to
21 resist most, if not all, attacks.
23 * Unfortunately this protocol is not compatible with earlier versions,
24 nor are earlier versions compatible with this version. Because the
25 older protocol has huge security flaws, we feel that not
26 implementing backwards compatibility is justified.
28 * Some data about the protocol:
30 * It uses public/private RSA keys for authentication (this is the
31 actual fix for the security hole).
33 * All cryptographic functions have been taken out of tinc, instead
34 it uses the OpenSSL library functions.
36 * Offers support for multiple subnets per tinc daemon.
38 * New is also the support for the universal tun/tap device. This
39 means better portability to FreeBSD and Solaris.
41 * tinc is tested to compile on Solaris, Linux x86, Linux alpha.
43 * tinc now uses the OpenSSL library for cryptographic operations.
44 More information on getting and installing OpenSSL is in the manual.
45 This also means that the GMP library is no longer required.
47 * Further, thanks to Enrique Zanardi, we have Spanish messages; Matias
48 Carrasco provided us with a Spanish translation of the manual.
51 What still needs to be done before 1.0:
53 * Documentation. Especially since the protocol has changed, and a lot
54 of configuration directives have been added.
59 version 1.0pre2 May 31 2000
61 * This version has been internationalized; and a Dutch translation has
64 * Two configuration variables have been added:
65 * VpnMask - the IP network mask for the entire VPN, not just our
66 subnet (as given by MyVirtualIP). The Redhat and Debian packages
67 use this variable in their system startup scripts, but it is
69 * Hostnames - if set to `yes', look up the names of IP addresses
70 trying to connect to us. Default set to `no', to prevent lockups
73 * The system startup scripts for Debian and Redhat use
74 /etc/tinc/nets.boot to find out which networks need to be started
77 * Fixes to prevent denial of service attacks by sending random data
78 after connecting (and even when the connection has been established),
79 either random garbage or just nonsensical protocol fields.
81 * tinc will retry to connect upon startup, does not quit if it doesn't
84 * Hosts that are disconnected implicitly if we lose a connection get
85 deleted from the internal list, to prevent hogging eachother with
86 add and delete requests when the connection is restored.
89 What still needs to be done before 1.0:
92 * Failover ConnectTo lines, try another one if the first doesn't work.
97 version 1.0pre1 May 12 2000
99 * Various other bugfixes
100 * Documentation updates
102 version 0.3.3 Feb 9 2000
103 * Fixed bug that made tinc stop working with latest kernels (Guus
107 version 0.3.2 Nov 12 1999
108 * no more `Invalid filedescriptor' when working with multiple
110 * forward unknown packets to uplink
112 version 0.3.1 Oct 20 1999
113 * fixed a bug where tinc would exit without a trace
115 version 0.3 Aug 20 1999
116 * pings now work immediately
117 * all packet sizes get transmitted correctly
119 version 0.2.26 Aug 15 1999
120 * fixed some remaining bugs
121 * --sysconfdir works with configure
122 * last version before 0.3
124 version 0.2.25 Aug 8 1999
125 * improved stability, going towards 0.3 now.
127 version 0.2.24 Aug 7 1999
128 * added key aging, there's a new config variable, KeyExpire.
129 * updated man and info pages
131 version 0.2.23 Aug 5 1999
132 * all known bugs fixed, this is a candidate for 0.3
134 version 0.2.22 Apr 11 1999
135 * multiconnection thing is now working nearly perfect :)
137 version 0.2.21 Apr 10 1999
138 * You shouldn't notice a thing, but a lot has changed wrt key
139 management - except that it refuses to talk to versions < 0.2.20
143 version 0.2.19 Apr 3 1999
144 * don't install a libcipher.so
146 version 0.2.18 Apr 3 1999
147 * blowfish library dynamically loaded upon execution
148 * included Eric Young's IDEA library
150 version 0.2.17 Apr 1 1999
151 * tincd now re-executes itself in case of a segmentation fault.
153 version 0.2.16 Apr 1 1999
154 * wrote tincd.conf(5) man page, which still needs a lot of work.
155 * config file now accepts and tolerates spaces, and any integer base
156 for integer variables, and better error reporting. See
157 doc/tincd.conf.sample for an example.
159 version 0.2.15 Mar 29 1999
162 version 0.2.14 Feb 10 1999
163 * added --timeout flag and PingTimeout configuration
164 * did some first syslog cleanup work
166 version 0.2.13 Jan 23 1999
169 version 0.2.12 Jan 23 1999
170 * fixed nauseating bug so that it would crash whenever a connection
173 version 0.2.11 Jan 22 1999
174 * framework for multiple connections has been done
175 * simple manpage for tincd
177 version 0.2.10 Jan 18 1999
178 * passphrase support added
180 version 0.2.9 Jan 13 1999
183 version 0.2.8 Jan 11 1999
184 * a reworked protocol version
186 * more reliable networking code
187 * automatic reconnection
188 * still does not work with more than one connection :)
189 * strips MAC addresses before sending, so there's less overhead, and
192 version 0.2.7 Jan 3 1999
193 * several updates to make extending more easy.
195 version 0.2.6 Dec 20 1998
196 * Point-to-Point connections have been established, including
197 blowfish encryption and a secret key-exchange.
199 version 0.2.5 Dec 16 1998
200 * Project renamed to tinc, in honour of TINC.
202 version 0.2.4 Dec 16 1998
203 * now it really does ;)
205 version 0.2.3 Nov 24 1998
206 * it sort of works now
208 version 0.2.2 Nov 20 1998
211 version 0.2.1 Nov 14 1998